Response to Jon Oltsik on ERM
By Simon Thorpe on Jul 16, 2008
Jon Oltsik, a senior analyst at Enterprise Strategy Group, recently posted an article titled "ERM: The forgotten data security space". He comments on the ERM space, now more usually called IRM, as a forgotten technology with regard to data security. DLP is also discussed as another technology that addresses the problem of protecting your sensitive data.
He points to two particular ironies that, over the past few years, have resulted in consolidation of these two technology spaces.
Ironic point No. 1: DLP vendors are now adding ERM-like functionality like data usage policy enforcement into their products. I guess this means that as users get a better understanding about their data and how people use it, they realize that they need better ways to control these activities.
Very true. DLP only protects at a gateway through which the information passes, such as a firewall or virus scanner. Yet there are so many ways in which content can be distributed: copied to USB flash keys, sent via non-corporate email, or shared over peer-to-peer networks such as Gnutella and KaZaA. IRM, however, applies the controls at the document or email level, so it doesn't matter where or how the content is distributed; IRM persists the security.
Ironic point No. 2: ERM vendors like Adobe Systems, Liquid Machines, and Microsoft that were able to ride out the market storm are now in high demand. Users finally recognize the value here.
Thankfully for me, also very true... although Jon forgot to mention the market leader in IRM; I'll excuse him this one time. Oracle IRM, formerly SealedMedia, is the market leader in terms of large-scale enterprise deployments. He closes his rather short article stating that "ERM, as an adjunct to DLP or as a standalone security suite, will ultimately benefit users and investors alike."
Indeed, DLP and IRM are on an intersecting path via partnerships, acquisition or development. Both aim to control the distribution of and access to an organization's most sensitive content, but do so in very different ways. IRM is designed to offer persistent information security controls at the content level. DLP mostly grew from outbound acceptable-use content filtering, such as virus scanners, and is still regarded as quite a new technology. DLP vendors would be wise to seek partnerships where mature IRM technologies, like Oracle IRM, can be integrated alongside.
Combining DLP and IRM provides a solution that moves the enterprise closer to the goal of having its corporate protection policies actually applied to its masses of unstructured sensitive content that is being distributed everywhere. If you then add GRC-style applications and auditing technologies to the mix, the enterprise is very close to complete control and deep visibility of its data in use well beyond its physical and virtual perimeters.
I plan to write a more detailed DLP and IRM comparison article; keep an eye on this blog.